Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/OGowf2WEKM-skig3VJkvUQd-0gk.roa
File: OGowf2WEKM-skig3VJkvUQd-0gk.roa (raw, json)
Hash identifier: l4GHRqUF3zigOregk/7osWSfttuJS7LG0PoEdo83VPY=
Subject key identifier: 38:6A:30:7F:65:84:28:CF:AC:92:28:37:54:99:2F:51:07:7E:D2:09
Certificate issuer: /CN=41dd1ce4eeb92ff53b633892fd457b011e1171f1
Certificate serial: 019425215E05955891D06A410D2AAC4AE1DF
Authority key identifier: 41:DD:1C:E4:EE:B9:2F:F5:3B:63:38:92:FD:45:7B:01:1E:11:71:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qd0c5O65L_U7YziS_UV7AR4RcfE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/OGowf2WEKM-skig3VJkvUQd-0gk.roa
Signing time: Thu 02 Jan 2025 03:48:51 +0000
ROA not before: Thu 02 Jan 2025 03:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62359
IP address blocks: 91.242.173.0/24 maxlen: 24
2001:67c:6d8::/48 maxlen: 48
2a14:30c1::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:5e:05:95:58:91:d0:6a:41:0d:2a:ac:4a:e1:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41dd1ce4eeb92ff53b633892fd457b011e1171f1
Validity
Not Before: Jan 2 03:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=386a307f658428cfac92283754992f51077ed209
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f0:f8:7e:00:22:29:2c:58:d0:77:c7:26:81:
85:3c:7e:24:39:fe:8f:4f:c1:dc:b2:61:54:9f:17:
07:90:48:05:75:cf:77:e1:69:34:20:b3:a7:fa:74:
f4:86:ec:f0:fd:14:a2:c2:2f:4b:14:3f:b0:a5:39:
b3:6b:c7:81:b1:29:1f:7d:43:ab:f7:86:4c:1b:17:
96:fe:a0:22:c5:5e:75:ec:3b:24:31:8e:8e:f4:21:
19:92:3c:10:a2:ed:14:ef:f7:84:5e:a0:ba:e9:6b:
a9:62:6a:56:9a:04:2d:d2:86:51:0a:fa:71:a1:06:
dd:0f:73:03:b2:bf:4e:7d:c7:fe:8d:45:c8:f0:ae:
63:13:23:fa:b4:b2:b5:2e:e4:39:f0:13:36:d3:ea:
64:a6:e8:9c:dd:de:b7:8d:68:9c:a1:cc:34:d9:28:
c5:65:88:5a:5f:64:0a:eb:ae:25:f9:4b:c8:a3:ee:
f8:88:c4:d0:6c:c4:e9:e5:3b:4a:b9:f1:1b:e7:15:
06:6f:bc:bf:6c:2b:d9:7b:21:d6:92:07:f9:b0:c6:
8c:0b:68:ad:ae:48:4b:61:b1:12:00:9f:12:26:80:
8a:a7:97:56:0c:77:36:b5:73:47:a9:06:5c:7f:55:
82:48:e5:03:84:cf:cd:54:10:13:97:13:f2:ec:c9:
1e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:6A:30:7F:65:84:28:CF:AC:92:28:37:54:99:2F:51:07:7E:D2:09
X509v3 Authority Key Identifier:
keyid:41:DD:1C:E4:EE:B9:2F:F5:3B:63:38:92:FD:45:7B:01:1E:11:71:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qd0c5O65L_U7YziS_UV7AR4RcfE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/OGowf2WEKM-skig3VJkvUQd-0gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/Qd0c5O65L_U7YziS_UV7AR4RcfE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.173.0/24
IPv6:
2001:67c:6d8::/48
2a14:30c1::/32
Signature Algorithm: sha256WithRSAEncryption
87:7d:82:f1:33:22:aa:1e:92:6f:85:7a:2f:7c:3e:ad:8f:90:
8d:20:e2:53:0a:57:f9:05:d6:ba:f9:b6:48:2c:a3:ba:66:0d:
4e:0c:67:c4:ae:41:e7:45:b5:0c:73:48:f6:24:99:a7:44:aa:
6c:0f:7f:bb:08:1a:50:13:2d:df:c1:d3:91:cd:eb:1f:4c:36:
fd:be:c2:3f:15:a9:92:b9:78:e7:3a:11:54:1e:b3:03:ec:08:
7e:b0:bb:48:08:9b:51:79:a8:b3:aa:ff:db:cc:ff:a7:71:b6:
7b:d6:11:bd:0a:80:6e:96:7f:1b:2a:1a:94:65:7e:0e:b7:c3:
9c:6e:3c:a9:cf:51:1e:4a:d5:0f:22:b5:c3:37:f0:c9:73:f1:
ed:dd:34:70:c7:91:60:75:b2:54:2a:5b:2c:b6:83:1b:99:5d:
56:f8:5f:53:ba:3a:ff:a7:a7:5b:42:82:c2:4f:d2:66:92:96:
ca:a4:07:fe:26:87:a6:41:d3:1b:20:5f:02:75:7e:18:59:37:
72:a3:b1:c7:1f:13:14:27:1f:f5:e4:8f:40:fb:12:4c:b1:7c:
da:8b:c2:02:e0:2b:50:7e:d6:a3:2c:c7:5f:49:c0:89:0f:e6:
38:6e:17:69:2e:4e:26:70:62:b7:20:70:a2:38:2d:4f:63:67:
0f:78:d0:82
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQlIV4FlViR0GpBDSqsSuHfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZGQxY2U0ZWViOTJmZjUzYjYzMzg5MmZkNDU3YjAxMWUx
MTcxZjEwHhcNMjUwMTAyMDM0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODZhMzA3ZjY1ODQyOGNmYWM5MjI4Mzc1NDk5MmY1MTA3N2VkMjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvD4fgAiKSxY0HfHJoGFPH4kOf6P
T8HcsmFUnxcHkEgFdc934Wk0ILOn+nT0huzw/RSiwi9LFD+wpTmza8eBsSkffUOr
94ZMGxeW/qAixV517DskMY6O9CEZkjwQou0U7/eEXqC66WupYmpWmgQt0oZRCvpx
oQbdD3MDsr9Ofcf+jUXI8K5jEyP6tLK1LuQ58BM20+pkpuic3d63jWicocw02SjF
ZYhaX2QK664l+UvIo+74iMTQbMTp5TtKufEb5xUGb7y/bCvZeyHWkgf5sMaMC2it
rkhLYbESAJ8SJoCKp5dWDHc2tXNHqQZcf1WCSOUDhM/NVBATlxPy7Mke7wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDhqMH9lhCjPrJIoN1SZL1EHftIJMB8GA1UdIwQY
MBaAFEHdHOTuuS/1O2M4kv1FewEeEXHxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWQwYzVPNjVMX1U3WXppU19VVjdBUjRSY2ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8xYWNjNjEtYjk1YS00MDZlLTgwZmMt
ODg1MjFhZDk5YzdlLzEvT0dvd2YyV0VLTS1za2lnM1ZKa3ZVUWQtMGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8xYWNjNjEtYjk1YS00MDZlLTgwZmMtODg1MjFhZDk5Yzdl
LzEvUWQwYzVPNjVMX1U3WXppU19VVjdBUjRSY2ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAW/KtMBYE
AgACMBADBwAgAQZ8BtgDBQAqFDDBMA0GCSqGSIb3DQEBCwUAA4IBAQCHfYLxMyKq
HpJvhXovfD6tj5CNIOJTClf5Bda6+bZILKO6Zg1ODGfErkHnRbUMc0j2JJmnRKps
D3+7CBpQEy3fwdORzesfTDb9vsI/FamSuXjnOhFUHrMD7Ah+sLtICJtReaizqv/b
zP+ncbZ71hG9CoBuln8bKhqUZX4Ot8Ocbjypz1EeStUPIrXDN/DJc/Ht3TRwx5Fg
dbJUKlsstoMbmV1W+F9Tujr/p6dbQoLCT9JmkpbKpAf+JoemQdMbIF8CdX4YWTdy
o7HHHxMUJx/15I9A+xJMsXzai8IC4CtQftajLMdfScCJD+Y4bhdpLk4mcGK3IHCi
OC1PY2cPeNCC
-----END CERTIFICATE-----
Generated at Wed Apr 9 19:30:29 2025 by rpki-client